# GET /api/v1/advisory-firms/{firm_id}/invitations > List pending invitations - **Tag:** advisory-firms - **Operation ID:** `list_firm_invitations_api_v1_advisory_firms__firm_id__invitations_get` ## Description List all invitations for a firm, optionally filtered by type (client, staff, or all) and status. ## Authentication Bearer token in `Authorization` header. Required header: `x-business-id: `. ## Parameters - `firm_id` (path, string, required) - `type` (query, string, optional) — Filter by invitation type - `status` (query, string, optional) — Filter by status (e.g. pending) ## Responses ### 200 — Successful Response Schema: `InvitationListResponse` - `invitations` (array · InvitationItemResponse · required) → `InvitationItemResponse` - `id` (string · required) - `type` (string · required) — 'client' or 'staff'. - `email` (string · required) - `first_name` (string) - `last_name` (string) - `role` (string · required) - `status` (string · required) - `reason` (string) — Derived at list time for pending invitations — explains why the invite hasn't been accepted yet (new_user / needs_clerk_signup / clerk_unavailable). None for terminal states (accepted / cancelled / expired). - `firm_id` (string · required) - `business_id` (string) — Business ID (client invitations only). - `invited_by` (string · required) - `expires_at` (string · date-time) - `last_sent_at` (string · date-time) - `created_at` (string · date-time · required) - `business_ids` (array · string) — Businesses queued to be assigned to the invitee on accept (staff member invitations only). - `assign_all_firm_businesses` (boolean) — If true, the invitee will be assigned to every active firm business on accept (staff member invitations only). - `team_id` (string) — Team the invitee will join on accept (staff member invitations only). - `total` (integer · required) ### 401 — Unauthorized - Authentication required ### 403 — Forbidden - Insufficient permissions ### 422 — Validation Error Schema: `HTTPValidationError` - `detail` (array · ValidationError) → `ValidationError` - `loc` (array · string | integer · required) - `msg` (string · required) - `type` (string · required) - `input` (object) - `ctx` (object) ## Code samples ### cURL ```bash curl -X GET 'https://api.ondayzero.com/api/v1/advisory-firms/{firm_id}/invitations' \ -H 'Authorization: Bearer dz_your_token' \ -H 'x-business-id: YOUR_BUSINESS_ID' ``` ### JavaScript ```javascript const response = await fetch('https://api.ondayzero.com/api/v1/advisory-firms/{firm_id}/invitations', { method: 'GET', headers: { Authorization: 'Bearer dz_your_token', 'x-business-id': 'YOUR_BUSINESS_ID', }, }); const data = await response.json(); ``` ### Python ```python import httpx headers = { "Authorization": "Bearer dz_your_token", "x-business-id": "YOUR_BUSINESS_ID", } response = httpx.get("https://api.ondayzero.com/api/v1/advisory-firms/{firm_id}/invitations", headers=headers) data = response.json() ``` ## See also - HTML version: https://www.ondayzero.com/docs/reference/advisory-firms/list-firm-invitations - OpenAPI slice: https://www.ondayzero.com/docs/reference/advisory-firms/list-firm-invitations/openapi.json - Other endpoints in **advisory-firms**: https://www.ondayzero.com/docs/reference/advisory-firms